In 2015, The CMVP introduced the notion of sub-chip cryptographic subsystems in IG 1.20 Sub-Chip Cryptographic Subsystems. This approached allows vendor to isolate security subsystem designs that may be re-used in multiple configurations or generations of products. It allowed vendors to better define the module’s cryptographic boundary to cover the essential elements without weakening its security purpose.

The purpose of this presentation is to first review the notion of sub-chip modules. Next the speaker will provide examples of how sub-chip modules can be used to expedite the validation of future products which will embed the sub-chip module within it’s larger scope. The speaker will explain the pros and cons of sub-chip cryptographic modules, and lastly provide some tips to vendors considering this option when define your module scope.

By the end of the presentation, vendors should be better informed on how appropriately scope their sub-chip cryptographic modules and create a game plan for future re-validation efforts.